Posted by samzenpus on Monday May 18, 2015 @11:31PM from the get-out-of-the-cloud dept.

An anonymous reader writes: The U.S. Navy is not pleased with the progress it has made on data center consolidation and plans to change strategies. "Later this year, we will make an organizational change to our approach to data center consolidation. The Data Center and Application Optimization (DCAO) program office will move from under Space and Naval Warfare Systems Command (SPAWAR) headquarters to under Program Executive Office-Enterprise Information Systems (PEO-EIS) as a separate entity or program office," said John Zangardi, the Navy's deputy assistant secretary for command, control, computers, intelligence, information operations and space and acting chief information officer. The secretary added that over the past three years, the U.S. Department of the Navy had consolidated 290 IT systems and applications at 45 national sites.

If they are not insane, they are standing inside a Somebody Else's Problem field and are unaware of the institutional inertia they will encounter. Not to mention the number of published security policy directives which would need to be rescinded.

Not only is BYOD already prohibited on systems such as you mention, but you usually can't bring your own device into offices doing planning for those systems.

A Somebody Else's Problem field is no simple menace or obstacle, it is a projection of ill-tempered or incompetent energy. It can be intricate, beautiful or funny when viewed from a distance, like one of those biohazard crop circles [google.com]. But you must make your way through them every day. You must be wary of strange invisible energies converging at sharp edges and central lobes. And often many overlap which compounds complexity.

I'm sure changing strategies will allow them to make up for the slow progress since the last change of strategy.

As funny as that sounds, that may be part of the reason of the slow progress. All the way at the top, a reorganisation may look splendid, and should on paper improve efficiency and all that. But at the workfloor we all too often are then bogged down by slow decision taking at the intermediate management levels, or just very practical problems that were overlooked.

If the DoD loses physical control over their system then they cannot secure them. This looks like folly to me.

I think DoD consolidated data centers is entirely reasonable and I don't know why they're shifting from that. Being able to hug the server is enormously valuable. If something goes wrong with it, then someone has to hug it. And if it isn't one of your people then that means you're giving access to a third party.

Considering how interested foreign governments are to gain access to these systems, it would be a mistake to think the cloud system is going to protect anything. We've seen repeated examples of the cloud system failing in security.

The cloud system is generally more economical. But that is its only virtue.

As to this notion that the navy has to democratize its tech... the military is not a democracy. What is more BYOD schemes are inherently less secure. If the military doesn't take information security seriously, they are going to get their clocks cleaned.

Putin for example has shifted the FSB to use typewriters that print on PAPER to secure top secret documents because they don't trust their information security. For the DoD to think they can get away with BYOD schemes, commercial datacenters, and "Democratizing" their information security means they have NO clue the sort of resources being put into breaching their systems. This is madness. Ask the NSA if they'd do any of these things.

1. The NSA runs their OWN datacenter. They do not sublet.

2. The NSA doesn't democratize their information security. They dictate it. Within their organization, you comply or else.

3. The NSA would outright laugh at a BYOD scheme since they don't even let cell phones or mobile computers or thumb drives within many of their facilities much less let their staff run around with god knows what kind of machine that has access to their most critical systems for no reason.

This is dumb.

Look, different agencies should be responsible for whatever they understand. If I wanted to run a naval battle engagement, I'd put the Navy in charge of that. If I am trying to secure government computer systems, then I would put experts in that field in charge... give this to the NSA. They know how to breach a system so they know how to secure it.

It's not just you -- the article had a quote that makes it seem like there's an unknown sysadmin care bear:

Culturally, we have to make this shift from a mistaken belief that all our data has to be near us and somewhere where I can do and hug the server, instead of someplace where I don't know in the cloud. This is a big shift for many within the department. It's not going to be an easy transition.

I don't know about you, but we don't have our racks just standing there on their own... they're in rows, so y

In the past, the government used private companies for data centers in the past. However, said companies were held up to a level of standards.

However, these days, very few cloud providers are FISMA compliant, much less compliant with more stringent security protocols. There is also responsibility. Worst comes to worse, a private cloud just goes bankrupt and all that Federal data winds up being handed over to the next buyers of physical servers (yes, there is support to be DAR protection, but not many pla

1. Whether he was a contractor or not is actually controversial. According to Snowden, he was an agent and his contractor status was cover. So we don't know if he was a contractor or whether he was a full blown analyst and operative.

2. He didn't do it alone. It is quite obvious that he had a lot of help from other like minded people inside the agency.

3. This "crummy" comment is just a baseless insult without meaning.

4. As to China and Russia getting access to the NSA, it is quite clear that much of what Sno

4. As to China and Russia getting access to the NSA, it is quite clear that much of what Snowden made public was news to the Chinese and Russians so they did not have access prior to that.

That would be the expected reaction from any competent intelligence agency. Or did you expect them to release an itemized list of what they had and had not managed to penetrate? Their post-Snowden public reaction tells you exactly nothing about their pre-Snowden activities.

The Navy along with all the other defence forces form the core of major emergency services not just in war but also in national emergency. The Navy along with all the other defence forces need to be able to function upon a manual pencil and paper basis, so that when all else fails in the face of a major catastrophe, they can still function. That means distributed data systems with full manual backup of all essential command and communications structures.

It should be noted that the US strategic air command is moving BACK to cheyenne mountain.

The military does need to have multiple redundant fail safes.

As to consolidation... it depends on what you're consolidating.

Logistics and procurement for example don't need distributed databases. You can centralize that. YES have a backup where someone can just pick up a phone and call an order in manually or by fucking carrier pigeon. But the primary workhorse of day to day procurement and inventory sh

For manual systems to work, you have to practice them. Make sure the courier rider is still there, make sure the forms are still there and make sure the boxes of pencils are still there. Basically the military needs to keep manual systems going because when all else fails, part of their function is to remain functioning. Military transport vehicles at their very core should be very reliable, very fuel efficient and be capable of running without electronics. They have the bodies and keeping them busy with p

The NSA was the first agency I thought of as well, but I thought I might be modded +Funny for even suggesting it. They know security, and they obviously know how to build massive datacenters. Why aren't they building centers for the Navy and Marines that remain under government control? For top military secrets, that seems to make a lot more sense than using commercial datacenters.

More of those "inter-agency walls" that were supposed to have been torn down under the reorganization of the Department of Ho

Organizational walls are a good thing. Keep an open mind. You need tight organizations that can operate independently. The walls are bad when they don't talk to each other but they should be able to operate independently of each other. When you jam everything together you tend to get a one size fits all system which is ultimately shitty for everyone. You can't run the Marines on the same system the NSA runs on... it's incompatible. So the idea is to let each department work like its own little kingdom of spe

It really depends on the system. For instance things like logistics aka buying food, cleaning supplies, tools, and so on could all be done on COTS systems and using public data centers. Things like how many SM-2s are down for repair is a different issue. And then keeping things separated is yet another issue.

I disagree because you can infer things from what you think are meaningless bits of information.

Imagine if you were Sherlock Holmes... someone very intelligent, very rational, very knowledgeable... and you were handed a long list of seemingly meaningless statistics from the Navy's various requisitions including time stamps, locations, etc. Do you honestly think that someone couldn't infer something you'd rather keep secret from all that?

They figured out a long time ago that it was more efficient and gave better quality results to have one Government Printing Office than ten thousand printing offices - the same logic applies to IT. IT can be both commoditized and customized by qualified individuals - if the Navy needs something special, then the Government IT Office should have to acquire skills to meet the Navy's needs. Intelligence already has specialized IT systems, to handle classification transitions - hire those guys away to the GIT

I don't have a clue as to all the use cases the navy needs a data center for. I really don't.

But I'm pretty sure a lot of it can be sent into *the cloud* with vendors with decent credentials. I would hope the navy ensures the cloud location and physical security. Maybe they reach an agreement to post their own navy security for particular labs? This is not an usual agreement to have a dedicated physical location for big clients. This happens with corporations. I'm sure the military could get such an agreeme

It makes me sad every time I read articles such as this. I feel the Navy has been adrift since morse code and torn tape relay were retired. Perhaps it is time for you to reconsider SPAWAR? I often wonder how they help defend the constitution against all enemies foreign and domestic. My last COTAR was obviously a spy for some foreign agency. Anyway... there are many examples of how to make big systems work and none of them are at SPAWAR. COTS can do this, other organizations do this. Why not you?

You showed an unfiltered live capture of your network to clients? Not one person there was security conscious, let alone competent? It is that sort of behavior that gets many organizations in trouble eventually.

The US Navy are the most intelligent people in all of the United States armed forces. If they tried to accomplish an important national goal, and didn't fully succeed, then they very well should be listened to.

These people are not slackers. They are the real deal. If they're having trouble, the "cloud" industry needs to listen to them.

A smart person in one field does not always or even often carry that intelligence and understanding to another field.

For instance, scientists are some of the most intelligent people in all of the United States. But I wouldn't trust the great majority of them to configure a home router securely let alone run off on a tax burning mission to consolidate IT infrastructure and chase down the gold medal in 'How To Do IT Wrong And Blame It On The Technology Instead Of Admit Perfectly Reasonable Ineptitude'.

I know quite a few people in the Navy, much respect to all of them, but to attribute their ability to take on a task of this magnitude (pop pop) based on their intelligence ranking among the armed forces in its entirety isn't exactly a high bar to begin with.

Apples and Oranges. You assume that the Navy does not have trained IT personnel. I believe that was the point. If the Navy can't do it, because they employ the trained personnel to do it, then you should take notice.

FYI your argument is inane, because you do not know the great majority of scientists. Thus your judgement is meaningless.

Space and Naval Warfare Systems Command (SPAWAR, in other words "Space War") had a problem fulfilling The Next Generation Enterprise Network (NGEN) contract? I think the Navy Trekkies are in control of the acronym office!